City Power ransomware attack ‘no surprise’

Mike Bergen of GECI, an international tactical cybersecurity specialist company now in South Africa, says: “It was only a matter of time before a high-profile cyber attack was launched on a major South African utility or infrastructure provider. We see these sorts of attacks increasing all around the world, and South Africa is not immune.”
Thousands of Johannesburg residents were reported to have been affected yesterday, when a ransomware attack on City Power shut down systems, preventing customers from accessing the entity’s website or topping up their pre-paid power. City Power said the attack had compromised their web server, databases, applications and network.
Bergen notes that scores of similar attacks have targeted municipalities and utilities around the world this year alone. “At least 25 municipalities in the US were victims of ransomware attacks in the first six months of this year. At this rate, the number of attacks is on track to exceed the 53 reported in the US last year.” Bergen notes that in some cases, the cyber criminals were able to extort hundreds of thousands of dollars in ransom from the affected organisations. “This is a lucrative form of crime, so we can expect to see the incidence of targeted attacks increasing,” he says.
“Cybercrime is a vast and rapidly growing business, tipped to cost businesses and government globally around $6 trillion by 2021, double what it was in 2015. It has reached pandemic levels with some 4000 cyber attacks per day. It’s no longer a question of if an attack will occur, but when one will be hit.”
Bergen believes South African municipalities and utilities may be neglecting basic cyber security best practice, which increases their risk exposure. “Unpatched systems and a tendency to be reactive rather than proactive, contribute to their risk – particularly in the area of cyber security for Operations Systems (OT),” he says.
GECI, a tactical cybersecurity specialist with a portfolio of cybersecurity innovations developed by former Israeli cyber defence unit experts, is now active in South Africa, focusing on local utilities, municipalities, mines, manufacturers and other industrial sites in conjunction with local partner Sinac Group’s Nokuthula Mgwebile.
GECI International offers highly innovative and unique cybersecurity solutions for both administrative (IT) & industrial (OT) environments. GECI cyber security solutions are non-invasive, rapid to implement, detect vulnerabilities and advanced known and unknown threats within seconds, eliminating content borne attacks or prioritising and recommending actions to be taken to rectify OT vulnerabilities and threats, protecting critical systems and infrastructure.